
qcacld-3.0: Don't Update limMlmState in invalid state in set key resp

In case set key is sent to firmware and Roaming updated the session
before set key resp is processed in LIM, the limPrevMlmState will
be 0 and thus updating limMlmState to limPrevMlmState will result
in improper limMlmState, leading to sync issue.

So do not update the limMlmState in invalid state in set key resp.
Also update limPrevMlmState to limMlmState during roaming.

Change-Id: I96291e7c3eb34df8b5741745448c76cf63b1f200
CRs-Fixed: 2574731
Abhishek Singh 5 years ago
parent
commit
a827b4e71b
2 changed files with 39 additions and 21 deletions
  1. 4 2
      core/mac/src/pe/lim/lim_api.c
  2. 35 19
      core/mac/src/pe/lim/lim_process_mlm_rsp_messages.c

+ 4 - 2
core/mac/src/pe/lim/lim_api.c

@@ -1769,7 +1769,8 @@ void lim_ps_offload_handle_missed_beacon_ind(struct mac_context *mac,
 		pe_find_session_by_vdev_id(mac, missed_beacon_ind->bss_idx);
 
 	if (!pe_session) {
-		pe_err("session does not exist for given BSSId");
+		pe_err("session does not exist for vdev_id %d",
+			missed_beacon_ind->bss_idx);
 		return;
 	}
 
@@ -2433,6 +2434,7 @@ pe_roam_synch_callback(struct mac_context *mac_ctx,
 	curr_sta_ds->nss = ft_session_ptr->nss;
 	roam_sync_ind_ptr->nss = ft_session_ptr->nss;
 	ft_session_ptr->limMlmState = eLIM_MLM_LINK_ESTABLISHED_STATE;
+	ft_session_ptr->limPrevMlmState = ft_session_ptr->limMlmState;
 	lim_init_tdls_data(mac_ctx, ft_session_ptr);
 	join_rsp_len = ft_session_ptr->RICDataLen +
 			sizeof(struct join_rsp) - sizeof(uint8_t);
@@ -2486,8 +2488,8 @@ pe_roam_synch_callback(struct mac_context *mac_ctx,
 	lim_set_tdls_flags(roam_sync_ind_ptr, ft_session_ptr);
 	roam_sync_ind_ptr->join_rsp->aid = ft_session_ptr->limAID;
 	lim_fill_join_rsp_ht_caps(ft_session_ptr, roam_sync_ind_ptr->join_rsp);
-	ft_session_ptr->limPrevSmeState = ft_session_ptr->limSmeState;
 	ft_session_ptr->limSmeState = eLIM_SME_LINK_EST_STATE;
+	ft_session_ptr->limPrevSmeState = ft_session_ptr->limSmeState;
 	ft_session_ptr->bRoamSynchInProgress = false;
 	if (mac_ctx->roam.pReassocResp)
 		qdf_mem_free(mac_ctx->roam.pReassocResp);
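Review bot: After the reorder, `limPrevSmeState` is always `eLIM_SME_LINK_EST_STATE` once roam sync completes, so the state the session held before the roam is no longer recorded anywhere visible in this hunk. The commit message only mentions `limPrevMlmState`, so this SME-side change deserves its own justification. If the intent is that no later "restore previous state" path can reinstate a pre-roam state, say so at the assignment, e.g. `/* roam sync replaces the session state: keep prev == current so a late response cannot restore a pre-roam state */`. The same comment would help at the `limPrevMlmState` assignment added in the earlier pe_roam_synch_callback hunk. The function body starts and ends outside this hunk.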

+ 35 - 19
core/mac/src/pe/lim/lim_process_mlm_rsp_messages.c

@@ -2447,7 +2447,22 @@ void lim_process_mlm_set_sta_key_rsp(struct mac_context *mac_ctx,
 	vdev_id = set_key_params->vdev_id;
 	session_entry = pe_find_session_by_vdev_id(mac_ctx, vdev_id);
 	if (!session_entry) {
-		pe_err("session does not exist for given session_id");
+		pe_err("session does not exist for given vdev_id %d", vdev_id);
+		qdf_mem_zero(msg->bodyptr, sizeof(*set_key_params));
+		qdf_mem_free(msg->bodyptr);
+		msg->bodyptr = NULL;
+		lim_send_sme_set_context_rsp(mac_ctx,
+					     mlm_set_key_cnf.peer_macaddr,
+					     0, eSIR_SME_INVALID_SESSION, NULL,
+					     vdev_id);
+		return;
+	}
+
+	if (!lim_is_set_key_req_converged() &&
+	    (session_entry->limMlmState != eLIM_MLM_WT_SET_STA_KEY_STATE)) {
+		pe_err("Received in unexpected limMlmState %X vdev %d pe_session_id %d",
+			session_entry->limMlmState, session_entry->vdev_id,
+			session_entry->peSessionId);
 		qdf_mem_zero(msg->bodyptr, sizeof(*set_key_params));
 		qdf_mem_free(msg->bodyptr);
 		msg->bodyptr = NULL;
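Review bot: In the `!session_entry` branch the response is built from `mlm_set_key_cnf.peer_macaddr`, but nothing in this hunk fills that field before `lim_send_sme_set_context_rsp()` is called. SME therefore gets whatever the local held at entry, presumably zeros if it is cleared earlier in the function, which is outside the hunk. If the peer address cannot be recovered on this path, document it at the call, e.g. `/* peer_macaddr is not known here; SME must match this failure by vdev_id */`. Otherwise copy the address out of `set_key_params` before the body is zeroed and freed. The new state-guard branch repeats the same zero/free/NULL sequence and its tail runs past the end of the hunk. A small static helper for that cleanup would keep the key-parameter wipe in one place.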
@@ -2461,14 +2476,7 @@ void lim_process_mlm_set_sta_key_rsp(struct mac_context *mac_ctx,
 	pe_debug("PE session ID %d, vdev_id %d", session_id, vdev_id);
 	result_status = set_key_params->status;
 	if (!lim_is_set_key_req_converged()) {
-		if (eLIM_MLM_WT_SET_STA_KEY_STATE !=
-				session_entry->limMlmState) {
-			pe_err("Received unexpected [Mesg Id - %d] in state %X",
-			       msg->type, session_entry->limMlmState);
-			resp_reqd = 0;
-		} else {
-			mlm_set_key_cnf.resultCode = result_status;
-		}
+		mlm_set_key_cnf.resultCode = result_status;
 		/* Restore MLME state */
 		session_entry->limMlmState = session_entry->limPrevMlmState;
 	}
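Review bot: With the `resp_reqd = 0;` assignment removed, nothing visible in this hunk clears `resp_reqd` any more. If no other assignment remains in lim_process_mlm_set_sta_key_rsp (its body continues outside the hunk), the flag and its test are dead and should be dropped in the same change. The state restore now depends entirely on the guard added earlier in the function, which is worth stating next to it: `/* limMlmState was verified as eLIM_MLM_WT_SET_STA_KEY_STATE above, so limPrevMlmState is the state saved when the request was sent */`. The identical simplification in the last lim_process_mlm_set_bss_key_rsp hunk would benefit from the same comment.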
@@ -2552,8 +2560,24 @@ void lim_process_mlm_set_bss_key_rsp(struct mac_context *mac_ctx,
 					     vdev_id);
 		return;
 	}
+	if (!lim_is_set_key_req_converged() &&
+	    (session_entry->limMlmState != eLIM_MLM_WT_SET_BSS_KEY_STATE) &&
+	    (session_entry->limMlmState !=
+	     eLIM_MLM_WT_SET_STA_BCASTKEY_STATE)) {
+		pe_err("Received in unexpected limMlmState %X vdev %d pe_session_id %d",
+			session_entry->limMlmState, session_entry->vdev_id,
+			session_entry->peSessionId);
+		qdf_mem_zero(msg->bodyptr, sizeof(tSetBssKeyParams));
+		qdf_mem_free(msg->bodyptr);
+		msg->bodyptr = NULL;
+		lim_send_sme_set_context_rsp(mac_ctx, set_key_cnf.peer_macaddr,
+					     0, eSIR_SME_INVALID_SESSION, NULL,
+					     vdev_id);
+		return;
+	}
+
 	session_id = session_entry->peSessionId;
-	pe_debug("PE session ID %d, SME vdev_id %d", session_id, vdev_id);
+	pe_debug("PE session ID %d, vdev_id %d", session_id, vdev_id);
 	if (eLIM_MLM_WT_SET_BSS_KEY_STATE == session_entry->limMlmState) {
 		result_status =
 			(uint16_t)(((tpSetBssKeyParams)msg->bodyptr)->status);
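Review bot: The new guard wipes the body with `qdf_mem_zero(msg->bodyptr, sizeof(tSetBssKeyParams));`, yet the context just below casts `msg->bodyptr` to `tpSetBssKeyParams` only when the state is `eLIM_MLM_WT_SET_BSS_KEY_STATE`. That suggests the body may be a different structure in other states (the other branch is outside the hunk). In the unexpected-state path the allocation size is then not established, so please confirm that zeroing `sizeof(tSetBssKeyParams)` bytes can neither overrun a smaller allocation nor leave key bytes behind in a larger one. Separately, this path reports `eSIR_SME_INVALID_SESSION` although the session was found. If no more specific status is available, a comment such as `/* session exists but is not waiting for a key response */` would keep the two failure cases distinguishable when reading the code.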
@@ -2581,15 +2605,7 @@ void lim_process_mlm_set_bss_key_rsp(struct mac_context *mac_ctx,
 		set_key_cnf.key_len_nonzero = false;
 
 	if (!lim_is_set_key_req_converged()) {
-		if (eLIM_MLM_WT_SET_BSS_KEY_STATE !=
-				session_entry->limMlmState &&
-				eLIM_MLM_WT_SET_STA_BCASTKEY_STATE !=
-				session_entry->limMlmState) {
-			pe_err("Received unexpected [Mesg Id - %d] in state %X",
-			       msg->type, session_entry->limMlmState);
-		} else {
-			set_key_cnf.resultCode = result_status;
-		}
+		set_key_cnf.resultCode = result_status;
 		session_entry->limMlmState = session_entry->limPrevMlmState;
 	}